CVE-2024-27181
published 2024-08-02CVE-2024-27181: In Apache Linkis <= 1.5.0, Privilege Escalation in Basic management services where the attacking user is a trusted account allows access to Linkis's Token…
high8.8CVSS 3.1
AVNACLPRLUINSUCHIHAH
In Apache Linkis <= 1.5.0,
Privilege Escalation in Basic management services where the attacking user is
a trusted account
allows access to Linkis's Token information. Users are advised to upgrade to version 1.6.0, which fixes this issue.
Affected
2 ranges
| Vendor | Product | Version range | Fixed in |
|---|---|---|---|
| apache | linkis | < 1.6.0 | 1.6.0 |
| apache_software_foundation | apache_linkis_basic_management_services | >= 1.3.2 < 1.6.0 | 1.6.0 |